----- Original Message -----
> On another thread on this list, someone wrote:
> Time and time again we are seeing that even with the protections in
> place, JavaScript ends up doing more harm than good. Many of the
> problems would simple not exist if JavaScript were not there.
>> I call foul :). I'm on the interwebs pushing the 'any' key all day
> long
> on my linux desktop and I have 0 security issues with Java - Or
> anything
> else for that matter. So I pose the following questions:
>> 1) have you ever had your linux desktop hacked? Or any type of
> security
> breach?
> 2) if not, do you even know anyone that's ever had their linux desktop
> hacked?
>> Realizing that webservers are an entirely different story.
>> I'll start. No and no. I've never had my my linux desktop attacked
> that
> I could tell. And I don't even know anybody that has.
Javascript doesn't cause the problem, hackers do. The concept is a little risky to begin with, allowing web sites to run arbitrary code on your PC is pretty risky. Despite the attempts to make it secure ingenious people have found ways around it. They wanted to make sure that a script could only talk to a limited number of hosts, the hosts that supplied content to the page.This is the same origin policy. Since web servers can have several different IPs browsers use hostnames to determine which hosts a page's code should be restricted to. With DNS rebinding an attacker uses short DNS time-to-lives to switch the IP to a different address.
If the attacker switched to a local network address, like your firewall or localhost and can then explore that host.
If the attacker makes a statistical guess, knowing that your PC is Canadian and you may still have a valid session at one of Canada's major banks, the attacker can switch the DNS to a bank's site and send a request to transfer money. They can try this on a thousand PCs and only a few have to be in this state to make some money.
In either case nothing necessarily has to be displayed to the user.
As you can see these techniques are not necessarily limited to the operating system. A browser could choose techniques to make itself immune.
The first step in this is to lure you to a dangerous site.
--
John Van Ostrand
CTO, co-CEO
Net Direct Inc.
564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6
Ph: 866-883-1172 x5102
Fx: 519-883-8533
Linux Solutions / IBM Hardware